package com.woniuxy.rbac;

import com.woniuxy.rbac.entity.Perm;
import com.woniuxy.rbac.service.PermService;
import com.woniuxy.rbac.shiro.DbRealm;
import com.woniuxy.rbac.shiro.JwtFilter;
import com.woniuxy.rbac.shiro.MyPermissionFilter;
import com.woniuxy.rbac.shiro.SysDbRealm;
import org.apache.commons.collections.map.HashedMap;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/**
 * @Auther: 老谭（<a href="http://www.woniuxy.com">蜗牛学苑</a>）
 */
@Configuration
public class ShiroConfig {
    @Bean
    public Realm realm() {
        return new DbRealm();
    }

    @Bean
    public SysDbRealm sysRealm() {
        return new SysDbRealm();
    }

    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
//        defaultWebSecurityManager.setRealm(realm());
//        defaultWebSecurityManager.setRealms(Arrays.asList(realm(),sysRealm()));
        ModularRealmAuthenticator authenticator = new ModularRealmAuthenticator();
        authenticator.setRealms(Arrays.asList(realm(), sysRealm()));
        defaultWebSecurityManager.setAuthenticator(authenticator);

        //设置授权对象
        defaultWebSecurityManager.setAuthorizer(sysRealm());
        return defaultWebSecurityManager;
    }

    @Autowired
    private PermService permService;

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setLoginUrl("/member/login");
        shiroFilterFactoryBean.setUnauthorizedUrl("/member/login");
        shiroFilterFactoryBean.setSecurityManager(securityManager());

        Map<String, Filter> filters = new HashedMap();
        filters.put("jwt", new JwtFilter());
        filters.put("perms", new MyPermissionFilter());
        shiroFilterFactoryBean.setFilters(filters);

        Map<String, String> map = new LinkedHashMap<>();
        map.put("/api/v1/user/login", "anon");
        map.put("/ucenter/**", "authc");
        map.put("/order/add", "authc");
        map.put("/member/logout", "logout");

        //查询
        List<Perm> perms = permService.getPerms();
        for (Perm p : perms) {
            if (p.getLink() != null && !p.getLink().equals("")) {
                map.put("/api/v1/" + p.getLink(), "jwt,perms[" + p.getCode() + "]");
            }
        }

        map.put("/**", "anon");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);

        return shiroFilterFactoryBean;
    }

//    @Bean
//    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
//        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
//        chainDefinition.addPathDefinition("/ucenter/**", "authc");
//        chainDefinition.addPathDefinition("/order/add", "authc");
//        chainDefinition.addPathDefinition("/member/logout", "logout");
//
//        List<Perm> perms = permService.getPerms();
////        for (Perm p : perms) {
////            chainDefinition.addPathDefinition(p.getLink(), "authc, perms[" + p.getCode() + "]");
////        }
//        chainDefinition.addPathDefinition("/**", "anon");
//        return chainDefinition;
//    }
}
